Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-18 | CVE-2024-10122 | Missing Password Field Masking vulnerability in Topdata Inner REP Plus 2.01 A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. | 4.9 |
| 2024-10-18 | CVE-2024-9593 | Code Injection vulnerability in Wpplugin Time Clock The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 (for Time Clock) and 1.1.4 (for Time Clock Pro) via the 'etimeclockwp_load_function_callback' function. | 8.3 |
| 2024-10-18 | CVE-2023-6080 | Unspecified vulnerability in Lakesidesoftware Systrack Lsiagent Lakeside Software’s SysTrack LsiAgent Installer version 10.7.8 for Windows contains a local privilege escalation vulnerability which allows attackers SYSTEM level access. | 7.8 |
| 2024-10-18 | CVE-2024-10120 | Unrestricted Upload of File with Dangerous Type vulnerability in Riskengine Radar A vulnerability has been found in wfh45678 Radar up to 1.0.8 and classified as critical. | 9.8 |
| 2024-10-18 | CVE-2024-42508 | Unspecified vulnerability in HP Oneview This vulnerability could be exploited, leading to unauthorized disclosure of information to authenticated users. | 5.5 |
| 2024-10-18 | CVE-2024-9537 | Unspecified vulnerability in Sciencelogic SL1 ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. | 9.8 |
| 2024-10-18 | CVE-2024-47240 | Incorrect Default Permissions vulnerability in Dell Secure Connect Gateway 5.24.00.14 Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. | 6.3 |
| 2024-10-18 | CVE-2024-43300 | Cross-site Scripting vulnerability in Heimkino-Praxis Movie Database Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bert Kößler Movie Database allows Stored XSS.This issue affects Movie Database: from n/a through 1.0.11. | 4.8 |
| 2024-10-18 | CVE-2024-9674 | Cross-site Scripting vulnerability in Tahoe Debrandify The Debrandify · Remove or Replace WordPress Branding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-10-18 | CVE-2024-10057 | Cross-site Scripting vulnerability in Fahadmahmood RSS Feed Widget The RSS Feed Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's rfw-youtube-videos shortcode in all versions up to, and including, 2.9.9 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |